Following a public comment period, the Federal Trade Commission has approved a final consent ordersettling charges that a background screening company falsely claimed to be in compliance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks.

SecurTest, Inc. agreed in June to settle FTC charges that its website falsely claimed that it participated in the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, which establish processes to allow companies to transfer consumer data from European Union countries and Switzerland to the United States in compliance with EU and Swiss law, respectively.

The FTC alleged that while SecurTest initiated a Privacy Shield application in September 2017 with the U.S. Department of Commerce, the company did not complete the steps necessary to be certified as complying with the frameworks. Because it failed to complete certification, SecurTest was not a certified participant in the frameworks, despite representations to the contrary on its website.

The settlement with the FTC prohibits SecurTest from misrepresenting its participation in any privacy or security program sponsored by a government, self-regulatory, or standard-setting organization, including the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield frameworks. It also must comply with reporting and compliance requirements.

The FTC received one comment on the settlement. The Commission vote approving the final consent order was 5-0.